ContainerUser isn't being set on generated manifests

dotnet / sdk-container-builds

Libraries and build tooling to create container images from .NET projects using MSBuild

https://learn.microsoft.com/en-us/dotnet/core/docker/publish-as-container

MIT License

179 stars 34 forks source link

ContainerUser isn't being set on generated manifests #520

Closed baronfel closed 8 months ago

baronfel commented 10 months ago

The ContainerUser property can be set, but it's not being applied on the generated container manifests. This means that users that set the property to root to easily opt back into rootless execution will not get the expected behavior.

As a workaround, users that build containers with the .NET 8 SDK targeting .NET 8 will need to have their container runtime force the root user until we can resolve this bug.

baronfel commented 10 months ago

The problem here is that inference of the APP_UID user id from the base image is being unconditionally set, overriding any user-specified ContainerUser values. We should check if any ContainerUser modifications have been done before using the value from environment variables.

baronfel commented 8 months ago

Closing this as we merged a hotfix.